The Office of Inspector General for the National Credit Union Administration (NCUA) engaged CliftonLarsonAllen LLP (CLA) to independently evaluate the NCUA's information security and privacy management programs and controls for compliance with the Federal Info1mation Security Modernization Act of 2014 and federal regulations and standards.CLA evaluated the NCUA's information security and privacy management programs through interviews, documentation reviews, technical configuration reviews, and sample testing. This year, CLA also conducted a vulnerability assessment of NCUA's network.
Open Recommendations
Recommendation Number | Significant Recommendation | Recommended Questioned Costs | Recommended Funds for Better Use | Additional Details | |
---|---|---|---|---|---|
8.OIG-18-07Recommendation | Yes | $0 | $0 | ||
The Office of the Chief Information Officer enforce the policy to remediate patch and configuration related vulnerabilities within agency defined timeframes. | |||||
9.OIG-18-07Recommendation | No | $0 | $0 | ||
The Office of the Chief Information Officer implement a process to detect and migrate unsupported software to supported platforms before support for the software ends. |